VYPR

Graphicsmagick

by Graphicsmagick

Source repositories

CVEs (128)

  • CVE-2017-14165MedSep 6, 2017
    risk 0.42cvss 6.5epss 0.02

    The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has an issue where memory allocation is excessive because it depends only on a length field in a header. This may lead to remote denial of service in the MagickMalloc function in magick/memory.c.

  • CVE-2017-14042MedAug 30, 2017
    risk 0.42cvss 6.5epss 0.02

    A memory allocation failure was discovered in the ReadPNMImage function in coders/pnm.c in GraphicsMagick 1.3.26. The vulnerability causes a big memory allocation, which may lead to remote denial of service in the MagickRealloc function in magick/memory.c.

  • CVE-2017-13777MedAug 30, 2017
    risk 0.42cvss 6.5epss 0.02

    GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage() in a coders/xbm.c "Read hex image data" version==10 case that results in the reader not returning; it would cause large amounts of CPU and memory consumption although the crafted file itself does not request…

  • CVE-2017-13776MedAug 30, 2017
    risk 0.42cvss 6.5epss 0.02

    GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage() in a coders/xbm.c "Read hex image data" version!=10 case that results in the reader not returning; it would cause large amounts of CPU and memory consumption although the crafted file itself does not request…

  • CVE-2017-13775MedAug 30, 2017
    risk 0.42cvss 6.5epss 0.02

    GraphicsMagick 1.3.26 has a denial of service issue in ReadJNXImage() in coders/jnx.c whereby large amounts of CPU and memory resources may be consumed although the file itself does not support the requests.

  • CVE-2017-13737MedAug 29, 2017
    risk 0.42cvss 6.5epss 0.03

    There is an invalid free in the MagickFree function in magick/memory.c in GraphicsMagick 1.3.26 that will lead to a remote denial of service attack.

  • CVE-2017-13736MedAug 29, 2017
    risk 0.42cvss 6.5epss 0.02

    There are lots of memory leaks in the GMCommand function in magick/command.c in GraphicsMagick 1.3.26 that will lead to a remote denial of service attack.

  • CVE-2017-13648MedAug 23, 2017
    risk 0.42cvss 6.5epss 0.01

    In GraphicsMagick 1.3.26, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c.

  • CVE-2017-13134MedAug 23, 2017
    risk 0.42cvss 6.5epss 0.02

    In ImageMagick 7.0.6-6 and GraphicsMagick 1.3.26, a heap-based buffer over-read was found in the function SFWScan in coders/sfw.c, which allows attackers to cause a denial of service via a crafted file.

  • CVE-2017-13066MedAug 22, 2017
    risk 0.42cvss 6.5epss 0.01

    GraphicsMagick 1.3.26 has a memory leak vulnerability in the function CloneImage in magick/image.c.

  • CVE-2017-13065MedAug 22, 2017
    risk 0.42cvss 6.5epss 0.02

    GraphicsMagick 1.3.26 has a NULL pointer dereference vulnerability in the function SVGStartElement in coders/svg.c.

  • CVE-2017-13064MedAug 22, 2017
    risk 0.42cvss 6.5epss 0.02

    GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:311:12.

  • CVE-2017-13063MedAug 22, 2017
    risk 0.42cvss 6.5epss 0.02

    GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:314:12.

  • CVE-2017-11722MedJul 28, 2017
    risk 0.42cvss 6.5epss 0.02

    The WriteOnePNGImage function in coders/png.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file, because the program's actual control flow was inconsistent with its indentation. This…

  • CVE-2017-14649MedSep 21, 2017
    risk 0.36cvss 5.5epss 0.01

    ReadOneJNGImage in coders/png.c in GraphicsMagick version 1.3.26 does not properly validate JNG data, leading to a denial of service (assertion failure in magick/pixel_cache.c, and application crash).

  • CVE-2017-11140MedJul 10, 2017
    risk 0.36cvss 5.5epss 0.02

    The ReadJPEGImage function in coders/jpeg.c in GraphicsMagick 1.3.26 creates a pixel cache before a successful read of a scanline, which allows remote attackers to cause a denial of service (resource consumption) via crafted JPEG files.

  • CVE-2017-10800MedJul 3, 2017
    risk 0.36cvss 5.5epss 0.01

    When GraphicsMagick 1.3.25 processes a MATLAB image in coders/mat.c, it can lead to a denial of service (OOM) in ReadMATImage() if the size specified for a MAT Object is larger than the actual amount of data.

  • CVE-2017-10799MedJul 3, 2017
    risk 0.36cvss 5.5epss 0.01

    When GraphicsMagick 1.3.25 processes a DPX image (with metadata indicating a large width) in coders/dpx.c, a denial of service (OOM) can occur in ReadDPXImage().

  • CVE-2017-10794MedJul 2, 2017
    risk 0.36cvss 5.5epss 0.02

    When GraphicsMagick 1.3.25 processes an RGB TIFF picture (with metadata indicating a single sample per pixel) in coders/tiff.c, a buffer overflow occurs, related to QuantumTransferMode.

  • CVE-2017-6335MedMar 14, 2017
    risk 0.36cvss 5.5epss 0.02

    The QuantumTransferMode function in coders/tiff.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a small samples per pixel value in a CMYKA TIFF file.

Page 4 of 7